in case
anyone is interested??
regards,
Keyser Soze
- Original Message -
From: <[EMAIL PROTECTED]>
To: "Joseph Tate" <[EMAIL PROTECTED]>
Cc: "Keyser Soze" <[EMAIL PROTECTED]>; "Php-Dev List"
<[EMAIL PROTECTED]>
Sent: Tuesday, March 05
Not yet, as it is still in the early, early stages. I need to get an idea
as to how the class hierarchy is going to look first, and get used to
working with Crypto++ (which seems quite easy -- I'm not having any major
problems yet, although for the time being I'm just dealing with fixed-size
That's would be ideal.
I've never worked with Crypto++ before or with heavy duty crypto libraries
in general, and I was kind of delegated to take on the project at work, so
I'm kind of stuck. And the only reason I started the project up was because
libmcrypt/libmhash don't work too well unde
OTECTED]]
> > Sent: Tuesday, March 05, 2002 1:19 PM
> > To: Joseph Tate; Brad Fisher; [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: [PHP-DEV] New Module
> >
> >
> > I agree, so I think this module could be packaged with a defau
ser Soze [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 05, 2002 1:19 PM
> To: Joseph Tate; Brad Fisher; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: [PHP-DEV] New Module
>
>
> I agree, so I think this module could be packaged with a default mycrypt
>
lt;[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 3:15 PM
Subject: RE: [PHP-DEV] New Module
> What Brad is suggesting doesn't take away from your module, just makes it
> easier to use from php land. No need to write your own c
PROTECTED]
> Subject: Re: [PHP-DEV] New Module
>
>
> but that's what my module is meant for
>
> Keyser Soze
>
> - Original Message -
> From: "Brad Fisher" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
but that's what my module is meant for
Keyser Soze
- Original Message -
From: "Brad Fisher" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 3:03 PM
Subject: Re: [PHP-DEV] New Module
>
> J Smith
> loadable module? Something like:
>
> bool crypto_register_algorithm(string name, function &crypt, function
> &decrypt)
Actually after thinking about it a bit more, why not:
bool crypto_register_algorithm(string name, function &crypt_decrypt)
>
> Then crypt and decrypt could have functio
J Smith wrote:
> I hesitate to mention this because I don't want to get stuck in a corner
> here, but I've been working on and off on a PHP encryption extension for
> precisely the reasons you mention. I'm using Crypto++, a public ...
This sounds to me like one of the better ways to do it. Jus
bedded" databasing system would be pretty cool.
>
> Anyway, if you've been able to follow my meandering, congratulations. I
> just wanted to put in my $.02. I definitely don't have time to develop
this
> kind of thing right now, but think it would be very useful.
&g
sorry...the correct name is my_crypt and my_decrypt
- Original Message -
From: "Jim Segrave" <[EMAIL PROTECTED]>
To: "Keyser Soze" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 2:44 PM
Subject
think it would be very useful.
Joseph
> -Original Message-
> From: Keyser Soze [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 05, 2002 10:55 AM
> Cc: PHP-DEV
> Subject: Re: [PHP-DEV] New Module
>
>
> Not if the webserver is in another machine, he could have gained a
--- J Smith <[EMAIL PROTECTED]> wrote:
> I have no idea of how much longer I'll be working on the extension
> as I
> have a ton of other stuff to do, but I'll keep plugging away at it.
> No idea
> what kind of timeframe I'm looking at, or even if I'll finish it,
> just
> thought I'd mention tha
On Tue 05 Mar 2002 (14:39 -0300), Keyser Soze wrote:
> with my module you can use any crypt method you want, just need to make a
> shared library with the name libmycrypt.so (in linux, didn´t make the
> windows port yet)
>
> with the functions (char *)crypt(char *) and (char *) decrypt(char *)
>
- Original Message -
From: "J Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 2:15 PM
Subject: Re: [PHP-DEV] New Module
>
> I hesitate to mention this because I don't want to get stuck in a corner
> here, but I've be
I hesitate to mention this because I don't want to get stuck in a corner
here, but I've been working on and off on a PHP encryption extension for
precisely the reasons you mention. I'm using Crypto++, a public domain
crypto library written in C++.
A few months back, I was faced with a somewh
ounds ok for me.
regards,
Keyser Soze
- Original Message -
From: "Peter Petermann" <[EMAIL PROTECTED]>
To: "Keyser Soze" <[EMAIL PROTECTED]>; "Robin Ericsson"
<[EMAIL PROTECTED]>
Cc: "PHP-DEV" <[EMAIL PROTECTED]>
Sent: Tuesday,
--- Rasmus Lerdorf <[EMAIL PROTECTED]> wrote:
> Why not just store them using crypt() or md5(). With one-way
> encoding
> like that nobody can steal the passwords, not even you.
On some further research, md5() seems like a very reasonable
alternative given that it is supported in multiple langua
s Lerdorf" <[EMAIL PROTECTED]>
> To: "Brent R. Matzelle" <[EMAIL PROTECTED]>
> Cc: "PHP-DEV" <[EMAIL PROTECTED]>
> Sent: Tuesday, March 05, 2002 11:35 AM
> Subject: Re: [PHP-DEV] New Module
>
>
> Why not just store them using crypt() or md5(
atzelle" <[EMAIL PROTECTED]>
Cc: "PHP-DEV" <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 11:35 AM
Subject: Re: [PHP-DEV] New Module
Why not just store them using crypt() or md5(). With one-way encoding
like that nobody can steal the passwords, not even
> it's much easier to detect a modification of a script instead of just a
"cat
> dbconf.php".
no need to modify a script.
if a hacker has access to your webserver,
in most cases he will be able to access your db server too.
if not, in case of your extension
it shouldnt be hard for him
creating a s
Why not just store them using crypt() or md5(). With one-way encoding
like that nobody can steal the passwords, not even you.
-Rasmus
On Tue, 5 Mar 2002, Brent R. Matzelle wrote:
> --- [EMAIL PROTECTED] wrote:
> > Hey,
> >
> > why not simply use the mcrypt functions available in PHP?
>
> I wil
--- [EMAIL PROTECTED] wrote:
> Hey,
>
> why not simply use the mcrypt functions available in PHP?
I will tell you why. Mcrypt is nearly useless for developers like
myself who develop PHP applications for both *NIX and win32
platforms. The mcrypt libraries are not distributed with the Windows
b
it's much easier to detect a modification of a script instead of just a "cat
dbconf.php".
Keyser Soze
Original Message-
What stops the hacker from doing:
$vars_db = cfg_get("db.cfg");
connect($conf[dbhost], $conf[dbname] , $conf[dbuser] , $conf[dbpass] );
print_r($conf); // or var_d
On Tue, 2002-03-05 at 13:14, Keyser Soze wrote:
> this is different...the idea around this new module is that you won't have
> any script in your server with your configurations in plain text, let me
> show you another exemple:
>
> runonce.php:
> /* This script will be only run once and then must
[EMAIL PROTECTED]>
To: "Keyser Soze" <[EMAIL PROTECTED]>
Cc: "PHP-DEV" <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 3:31 AM
Subject: Re: [PHP-DEV] New Module
Hey,
why not simply use the mcrypt functions available in PHP?
Derick
On Mon, 4 Mar 2002, Keyser So
Hey,
why not simply use the mcrypt functions available in PHP?
Derick
On Mon, 4 Mar 2002, Keyser Soze wrote:
> Hi all,
>
> I have developed a new module that may be of interest of you. I'm putting it
> under GNU license.
> The module consist of two functions:
> bool cfg_set(string file,assoc a
PHP already has mcrypt support so doing this in userland wouldn't be
much of a challenge at all.
See pear.php.net.
-Chris
-Original Message-
From: Keyser Soze [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 04, 2002 5:58 PM
To: PHP-DEV
Subject: [PHP-DEV] New Module
Hi all,
I
Hi all,
I have developed a new module that may be of interest of you. I'm putting it
under GNU license.
The module consist of two functions:
bool cfg_set(string file,assoc array vars): it saves configurations in vars
crypted into file
array cfg_set(string file): returns the associative array un
Because recode library doesn't work for me (it segfaults), I have coded
support for iconv function (as found in glibc) and I would like to add this
module in official php4 source. How can it be done.
(Please Cc reply to my address, since I am not subscriber of php-dev list
yet.)
--
Ondřej Sur
31 matches
Mail list logo
